This will _KILL_ you if you ever need to deploy ADFS. Best practice is to use a sub-domain (i.e., ad.example.com) of your external domain.
Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.com -----Original Message----- From: John Aldrich [mailto:[email protected]] Sent: Wednesday, April 28, 2010 10:30 AM To: NT System Admin Issues Subject: RE: Current AD domain naming best practices My understanding is the same as your Novell admin's: keep the two separate, i.e. businessname.com for external and businessname.local for internal. -----Original Message----- From: Joseph Heaton [mailto:[email protected]] Sent: Wednesday, April 28, 2010 10:22 AM To: NT System Admin Issues Subject: Current AD domain naming best practices We are currently in the beginning phases of migrating from Novell e-Directory, to AD. We are having discussions to decide on a new internal domain name. I know that years ago, it was best practice to have a different internal domain name from your external domain name, which is what the Novell guy is holding onto, like a pitbull to a mailman's leg. Is that still true today? We are on private IPs internally, so external forces can't route to the inside anyway, so my thinking, and the other Windows admins, is that having the same FQDN internally would be ok. TIA, Joe ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
